Can Intel's 'Management Engine' Be Repurposed?
Long-time Slashdot reader iamacat writes:
Not a day goes by without a story about another Intel Management Engine vulnerability. What I get is that a lot of consumer PCs can access the network and run x86 code on top of a UNIX-like OS such as Minix even when powered off.
This sounds pretty useful for tasks such as running an occasional-use Plex server. Like I can have a box that draws very little power when idle. But when an incoming connection is detected, it can power itself and the media drive on and serve the requested content.
The original submission ends with an interesting question: "if Intel ME is so insecure, how do I exploit it for practically useful purposes?"
The submission is confusing because the author proposes "repurposing" the ME, but the example is something that is what it is intended for in the first place. Back when it was first introduced, I worked for a company that created a program that would wake a remote computer on demand and run a few sundry tasks: a defrag and a backup. Intel partnered with various software vendors to create demos of what ME could do. And heck, even without ME, most network cards have a wake-on-LAN feature anyway.
Intel clearly didn't do a good job marketing the feature if nobody thought of how to use it until a vulnerability was found in it.
Many many years ago there was an exploit called "Back Orifice" which was more properly named "Cult of the Dead Cow".
Just for the record, Cult of the Dead Cow was the name of the group which created it; Back Orifice was the name of a program which they released.
And yes, it was tiny enough to be easily attached to even something as small as a keygen, turning it into an easy trojan, while also being a great remote administration tool for more legitimate use.
The Intel ME (I think) was a combination Lights Out management engine and a VNC server, basically IPMI over IP with a remote console.
It wasn't that secret; as I recall, it started with something like the P68 chipset on Intel motherboards and was ubiquitous. The weird path to obscurity was when they tried to monetize and license it.
The best thing Intel could do today would be to fully document and open it up. People would probably choose to either disable it, or more probably add on a separate ethernet card for secure traffic, and reserve the built-in NIC for management activities like on HP servers with its iLO interface... they also had a "shared" mode stealing interstitial ethernet CDMA intervals to virtualize two separate Ethernet MAC addresses on the same physical hardware... duty cycle something like 80/20 but they had the lesson learned to also make it disabled and use (only) a separate add-on interface connected to different pins on the motherboard, for 100/100 across two different NIC interfaces for practical reasons. Ironically it all started with the Gas and Oil industry, Exxon back in the days when they wanted remote management on their servers... in pre-HP Compaq days... Intel saw that and wanted some of that business... so it crept into the base designs later... without a lot of thought... which has come home to roost.
Yes and no. WOL can wake a sleeping computer, but not reboot it if it hangs, nor provide any other sort of remote administration beyond what the OS gives you once it comes up. And if it doesn't come up, WOL just left you in the lurch. You need remote-hands to recover.
I've gone so far as to repurpose a WOL-capable network card as a reset-on-lan device, because my always-on machine doesn't need waking, but inevitably if I'm on the other side of the country, it somehow manages to need rebooting.
IME sounds like it could serve this purpose and more, perhaps providing a useful subset of iLO/DRAC functionality, but not just for server boards.
Better yet, repurposed to send the following email to Intel's CEO every 10 minutes.
"Hi, this is an automated message sent from a hijacked Intel Management Engine to remind you of what you enabled by adding me to the design of your chips. The owner of the computer is unable to stop this, and in fact is completely unaware that it's happening! Currently the computer is turned [on/off]. I strongly recommend you rethink adding this to the next line of CPU chips as a botnet is currently being formed to send these reminders to you!"
I think I'm mostly joking.